chains

package
v0.11.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 19, 2022 License: Apache-2.0 Imports: 31 Imported by: 1

Documentation

Index

Constants

View Source 
const (
	// ChainsAnnotation is the standard annotation to indicate a TR has been signed.
	ChainsAnnotation             = "chains.tekton.dev/signed"
	RetryAnnotation              = "chains.tekton.dev/retries"
	ChainsTransparencyAnnotation = "chains.tekton.dev/transparency"
	MaxRetries                   = 3
)
View Source 
const (
	RekorAnnotation = "chains.tekton.dev/transparency-upload"
)

Variables

This section is empty.

Functions

func AddAnnotation added in v0.4.0 

func AddAnnotation(ctx context.Context, tr *v1beta1.TaskRun, ps versioned.Interface, key, value string, annotations map[string]string) error

func AddRetry added in v0.4.0 

func AddRetry(ctx context.Context, tr *v1beta1.TaskRun, ps versioned.Interface, annotations map[string]string) error

func AllFormatters added in v0.9.0 

func AllFormatters(cfg config.Config, l *zap.SugaredLogger) map[formats.PayloadType]formats.Payloader

func HandleRetry added in v0.4.0 

func HandleRetry(ctx context.Context, tr *v1beta1.TaskRun, ps versioned.Interface, annotations map[string]string) error

func MarkFailed added in v0.4.0 

func MarkFailed(ctx context.Context, tr *v1beta1.TaskRun, ps versioned.Interface, annotations map[string]string) error

func MarkSigned 

func MarkSigned(ctx context.Context, tr *v1beta1.TaskRun, ps versioned.Interface, annotations map[string]string) error

MarkSigned marks a TaskRun as signed.

func Reconciled added in v0.4.0 

func Reconciled(tr *v1beta1.TaskRun) bool

Reconciled determines whether a TaskRun has already passed through the reconcile loops, up to 3x

func RetryAvailable added in v0.4.0 

func RetryAvailable(tr *v1beta1.TaskRun) bool

Types

type Signer 

type Signer interface {
	SignTaskRun(ctx context.Context, tr *v1beta1.TaskRun) error
}

type TaskRunSigner 

type TaskRunSigner struct {
	// Formatters: format payload
	// The keys are the names of different formatters {tekton, in-toto, simplesigning}. The first two are for TaskRun artifact, and simplesigning is for OCI artifact.
	// The values are actual `Payloader` interfaces that can generate payload in different format from taskrun.
	Formatters map[formats.PayloadType]formats.Payloader

	// Backends: store payload and signature
	// The keys are different storage option's name. {docdb, gcs, grafeas, oci, tekton}
	// The values are the actual storage backends that will be used to store and retrieve provenance.
	Backends          map[string]storage.Backend
	SecretPath        string
	Pipelineclientset versioned.Interface
}

func (*TaskRunSigner) SignTaskRun 

func (ts *TaskRunSigner) SignTaskRun(ctx context.Context, tr *v1beta1.TaskRun) error

SignTaskRun signs a TaskRun, and marks it as signed.

type TaskRunVerifier added in v0.6.0 

type TaskRunVerifier struct {
	KubeClient        kubernetes.Interface
	Pipelineclientset versioned.Interface
	SecretPath        string
}

func (*TaskRunVerifier) VerifyTaskRun added in v0.6.0 

func (tv *TaskRunVerifier) VerifyTaskRun(ctx context.Context, tr *v1beta1.TaskRun) error

type Verifier added in v0.6.0 

type Verifier interface {
	VerifyTaskRun(ctx context.Context, tr *v1beta1.TaskRun) error
}

Source Files

View all Source files

Directories

Path Synopsis
intotoite6
simple
tekton
kms
Package kms creates a signer using a key management server
 Package kms creates a signer using a key management server
x509
docdb
gcs
grafeas
oci
pubsub
tekton

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.